Issue:
We have followed the setup instructions provided as per https://floragunncom.github.io/search-guard-docs/x_pack_monitoring.html
But search Guard plugin for Kibana is throwing out an error:
log [05:58:43.063] [error][reporting] Error: cluster ‘security’ already exists;
at Object.create [as createCluster] (/Users/sriharsr/kibana-5.6.0-darwin-x86_64/src/core_plugins/elasticsearch/lib/create_clusters.js:26:15)
at exports.getClient.server (/Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/server/lib/get_client_shield.js:6:48)
at /Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/node_modules/lodash/index.js:7363:25
at getUserFn (/Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/plugins/reporting/server/lib/get_user.js:5:33)
at /Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/plugins/reporting/server/lib/once_per_server.js:24:15
at memoized (/Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/node_modules/lodash/index.js:7912:27)
at authorizedUserPreRoutingFn (/Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/plugins/reporting/server/lib/authorized_user_pre_routing.js:8:19)
at /Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/plugins/reporting/server/lib/once_per_server.js:24:15
at memoized (/Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/node_modules/lodash/index.js:7912:27)
at main (/Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/plugins/reporting/server/routes/main.js:22:36)
at _phantom.phantom.install.then.phantomPackage (/Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/plugins/reporting/index.js:113:13)
log [05:58:43.063] [error][reporting] undefined
log [05:58:43.069] [fatal] TypeError: Cannot read property ‘code’ of undefined
at _phantom.phantom.install.then.catch.err (/Users/sriharsr/kibana-5.6.0-darwin-x86_64/plugins/x-pack/plugins/reporting/index.js:126:47)
Why is search guard plugin trying to create a new cluster for security?
Attached are the configuration files.
Config highlights:
in elasticsearch.yml
xpack.security.enabled: false
xpack.monitoring.enabled: true
xpack.monitoring.exporters:
id1:
type: http
host: [“http://127.0.0.1:9200”]
auth.username: admin
auth.password: admin
ssl:
truststore.path: truststore.jks
truststore.password: changeit
searchguard.ssl.http.enabled: false
``
in kibana.yml
xpack.monitoring.enabled: true
xpack.security.enabled: false
elasticsearch.ssl.verificationMode: none
elasticsearch.url: “http://localhost:9200”
elasticsearch.username: “kibanaserver”
elasticsearch.password: “kibanaserver”
searchguard.basicauth.enabled: true
searchguard.cookie.secure: true
searchguard.cookie.name: “searchguard_authentication”
searchguard.cookie.password: “searchguard_cookie_default_password”
searchguard.cookie.ttl: 7200000
searchguard.session.ttl: 7200000
searchguard.session.keepalive: true
elasticsearch.requestHeadersWhitelist: [ “authorization”, “sg_tenant”, “x-forwarded-for”, “x-forwarded-by”, “x-proxy-user”, “x-proxy-roles” ]
searchguard.basicauth.login.showbrandimage: true
xpack.security.enabled: false
xpack.monitoring.enabled: true
``
in sg_config.yml
searchguard:
dynamic:
authc:
kibana_auth_domain:
enabled: true
order: 2
http_authenticator:
type: basic
challenge: true
authentication_backend:
type: internal
``
in sg_roles.yml
sg_kibana_server:
cluster:
- CLUSTER_MONITOR
- CLUSTER_COMPOSITE_OPS
- cluster:admin/xpack/monitoring/bulk*
- cluster:admin/xpack/monitoring*
- cluster:security/*
indices:
‘':
'’:
- ALL
``
Version details:
Elastic search version: 5.6.0
Kibana version: 5.6.0
x-pack version: 5.6.0
Search Guard version: 5.6.0-16
Search Guard Kibana plugin Multitenancy 5.6.0-4
java version “1.8.0_152”
elasticsearch.yml (3.62 KB)
sg_action_groups.yml (1.48 KB)
sg_config.yml (9.57 KB)
sg_internal_users.yml (1.33 KB)
sg_roles_mapping.yml (1013 Bytes)
sg_roles.yml (6.26 KB)
kibana.yml (5.34 KB)